Microsoft Security Intelligence
168 entries found. Displaying page 2 of 9.
Updated on Apr 08, 2010
VirTool:WinNT/Ghodow.A is a detection for the driver component of the Win32/Ghodow family.
Alert level: severe
Updated on Jul 12, 2010
Win32/Bubnix is a generic detection for a kernel-mode driver installed by other malware that hides its presence on an affected computer by blocking registry and file access to itself. The trojan may report its installation to a remote server, download and distribute spam e-mail messages and could download and execute arbitrary files.
Alert level: severe
Updated on Jul 12, 2010
WinNT/Bubnix is a generic detection for a kernel-mode driver installed by other malware that hides its presence on an affected computer by blocking registry and file access to itself. The trojan may report its installation to a remote server, download and distribute spam e-mail messages and could download and execute arbitrary files.
Alert level: severe
Updated on Oct 10, 2011
Trojan:Win32/R2d2.A!rootkit is a component of Backdoor:Win32/R2d2.A. It can delete or rename protected files, modify file properties and perform other actions.
Alert level: severe
Updated on May 04, 2012

Trojan:Win32/Rootkit.W is a trojan that may steal sensitive information by monitoring certain processes and visited websites.

Alert level: severe
Updated on May 29, 2012

Trojan:WinNT/Killav.G is a malicious system driver that acts as a malicious component for PWS:Win32/OnLineGames variants, such as PWS:Win32/OnLineGames.LH and PWS:Win32/OnLineGames.LY.

Alert level: severe
Updated on Jul 26, 2012

PWS:WinNT/OnLineGames.E is the rootkit component of the PWS:Win32/OnlineGames family. Its role is to hide certain files and registry keys to prevent removal from your computer.

Alert level: severe
Updated on Dec 13, 2007
Trojan:Win32/Srizbi.gen is a generic detection for Trojans that connect to remote sites to retrieve spam messages. It also uses rootkit techniques in order to hide itself from the affected user.
Alert level: severe
Updated on Apr 16, 2008
Spammer:WinNT/Srizbi.gen is a generic detection for Trojans that connect to remote sites to retrieve spam messages. It also uses rootkit techniques in order to hide itself from the affected user.
Alert level: severe
Updated on Oct 27, 2008
Cutwail is a trojan that is able to download and execute arbitrary files. Downloaded files may be executed from disk or injected directly into another process. Whilst the functionality of the files that are downloaded may change, Cutwail usually downloads a trojan which is able to send spam. Cutwail also employs rootkit and other defensive techniques to avoid detection and removal.
 
VirTool:WinNT/Cutwail.K is a device driver component (rootkit) used by the Cutwail malware family.
It contains functionality to modify the system's winlogon.exe.
Alert level: severe
Updated on Nov 19, 2008
Backdoor:WinNT/Tofsee.gen!A is a generic detection for variant components of Backdoor:WinNT/Tofsee. WinNT/Tofsee.gen!A is dropped by TrojanDropper:Win32/Tofsee.A and is generally accompanied by Backdoor:Win32/Tofsee.F.
Alert level: severe
Updated on Apr 09, 2009
Backdoor:WinNT/Rustock.H is a component of Win32/Rustock - a multi-component family of rootkit-enabled backdoor trojans, which were historically developed to aid in the distribution of 'spam' e-mail. First discovered sometime in early 2006, Rustock has evolved to become a prevalent and pervasive threat. Recent variants appear to be associated with the incidence of rogue security programs.
Alert level: severe
Updated on Mar 23, 2010
Worm:Win32/Zumes.A!sys is a detection of a device driver component of the worm Win32/Zumes. This worm uses the component to communicate with other components of the worm and deletes the folder named "\System Volume Information".
 
Win32/Zumes.A is a worm that spreads to removable drives and also uses the timer to perform a destructive payload by overwriting the master boot record (MBR) of attached and removable drives.
Alert level: severe
Updated on Aug 27, 2010
Trojan:Win32/Resmu.A!rootkit is a kernel-mode rootkit that is installed by TrojanDropper:Win32/Resmu.A.
Alert level: severe
Updated on Nov 03, 2010
TrojanDropper:Win32/Festi.C is a trojan that installs Backdoor:WinNT/Festi.C, a backdoor trojan that allows backdoor access to and control of an infected computer.
Alert level: severe
Updated on Nov 12, 2010
Backdoor:WinNT/Festi.C is a backdoor trojan that allows limited remote access and control. The trojan connects to a remote website and retrieves instructions and commands from a remote attacker. The commands could instruct Backdoor:WinNT/Festi.C to distribute spam.
Alert level: severe
Updated on Aug 06, 2012

Windows Defender detects this threat.

The threat is a member of the Alureon family of data-stealing trojans. These trojans allow a malicious hacker to get confidential information such as your user names, passwords, and credit card data.

For more information on the Alureon family, see the Alureon family description and the DOS/Alureon description.

Alert level: severe
Updated on Jun 08, 2006
Virtool:WinNT/FURootkit is a family of kernel-mode rootkit programs that target computers running certain versions of Microsoft Windows. It is primarily used to hide certain processes from process viewers or to hide certain device drivers. This rootkit is often bundled with other malicious software. For example, it is installed on a computer by some variants of Win32/Rbot.
 
Some variants of WinNT/FURootkit can be configured to unlink certain processes from the EPROCESS linked list, so that the running process is hidden from Task Manager and other process-viewer applications. Some Win32/Rbot variants use this stealth method to hide themselves.
Alert level: high
Updated on Feb 29, 2008
Virtool:Win32/FURootkit is a family of kernel-mode rootkit programs that target computers running certain versions of Microsoft Windows. It is primarily used to hide certain processes from process viewers or to hide certain device drivers. This rootkit is often bundled with other malicious software. For example, it is installed on a computer by some variants of Win32/Rbot.
 
Some variants of Win32/FURootkit can be configured to unlink certain processes from the EPROCESS linked list, so that the running process is hidden from Task Manager and other process-viewer applications. Some Win32/Rbot variants use this stealth method to hide themselves.
Alert level: high
Updated on Jul 16, 2009
Cutwail is a trojan that is able to download and execute arbitrary files. Downloaded files may be executed from disk or injected directly into another process. Whilst the functionality of the files that are downloaded may change, Cutwail usually downloads a trojan which is able to send spam. Cutwail also employs rootkit and other defensive techniques to avoid detection and removal.
 
VirTool:WinNT/Cutwail.M is a kernel-mode component used by the Cutwail malware family. It contains functionality to drop files and to run in Windows safe mode and Windows safe mode with network support.
Alert level: severe